KOBIL User Attribute Handler
KOBIL User Attribute Handler
Main task of this execution is to add/update and remove the attributes provided through the User Attribute Name/Value field and JSON format.
Type
| Protocol | OpenID Connect 1.0 |
|---|---|
| HTTP method | GET |
| Type | Browser Flow |
| Endpoint | Authorization Endpoint |
| Flow Supported | Authorization code flow Implicit flow Hybrid flow |
| Response | ID Token, Access Token, Refresh Token |
| Response Mode | query, form_post, fragment |
How to configure
To access the config of the execution press the Settings button and select Config. The authenticator configuration screen will appear. Then enter your config data.
Note: User Enabled should be set to ON.
Configuration
Parameters involved in KOBIL User Attribute Handler execution
| Parameter | Description |
|---|---|
| ID | Unique system UUID, which will be assigned automatically to record in a database. |
| Alias | Name for the overall configured configurations which occurs in particular authenticator. |
| User Attribute Name | Provide a name of the "key" send during authentication request. |
| User Attribute Value | Provide a name of the "Value" send during authentication request. |
While execution the attributes present in JSON format will be considered as the highest priority even if the value present in User Attribute Name/Value field.
Sample Request Body
In order to add/update and remove the attributes use the below JSON formats.
To remove:
{
"attribute_name1": {
"removeAttribute": "true"
}
}
To add/update:
{
"attribute_name2": {
"attributeValue": "value"
}
}
User Flow
Execution Flow
This execution contains following main steps:
- It is mandatory that KOBIL User Attribute Handler must be preceded by another Authenticator, since it procures username from this precedent authenticator. For instance: KOBIL Username Password Form for user identification.
- The authenticator will receive a collection of attributes in the authenticator configuration as a JSON file and it will add/remove the attributes depending on the supplied JSON.
- The backward compatibility of a single attribute upgrade has also been established.